From de85897f59551f4015749f9afe022a29f74183e9 Mon Sep 17 00:00:00 2001
From: Simon Stone <sstone1@uk.ibm.com>
Date: Mon, 18 May 2020 08:40:43 +0100
Subject: [PATCH] Separate identity registration from CA creation (contributes
 to #235) (#237)

Signed-off-by: Simon Stone <sstone1@uk.ibm.com>
---
 roles/endorsing_organization/tasks/create.yml | 42 +++++++++++++------
 roles/ordering_organization/tasks/create.yml  | 42 +++++++++++++------
 2 files changed, 60 insertions(+), 24 deletions(-)

diff --git a/roles/endorsing_organization/tasks/create.yml b/roles/endorsing_organization/tasks/create.yml
index 133f7136..eed96691 100644
--- a/roles/endorsing_organization/tasks/create.yml
+++ b/roles/endorsing_organization/tasks/create.yml
@@ -28,14 +28,6 @@
                 hf.GenCRL: true
                 hf.Registrar.Attributes: "*"
                 hf.AffiliationMgr: true
-            - name: "{{ organization_admin_enrollment_id }}"
-              pass: "{{ organization_admin_enrollment_secret }}"
-              type: admin
-              maxenrollments: -1
-            - name: "{{ peer_enrollment_id }}"
-              pass: "{{ peer_enrollment_secret }}"
-              type: peer
-              maxenrollments: -1
       tlsca:
         registry:
           maxenrollments: -1
@@ -52,10 +44,6 @@
                 hf.GenCRL: true
                 hf.Registrar.Attributes: "*"
                 hf.AffiliationMgr: true
-            - name: "{{ peer_enrollment_id }}"
-              pass: "{{ peer_enrollment_secret }}"
-              type: peer
-              maxenrollments: -1
     resources: "{{ ca_resources | default(omit) }}"
     storage: "{{ ca_storage | default(omit) }}"
     wait_timeout: "{{ wait_timeout | default(omit) }}"
@@ -74,6 +62,36 @@
     enrollment_secret: "{{ ca_admin_enrollment_secret }}"
     path: "{{ playbook_dir }}/{{ ca_name }} Admin.json"
 
+- name: Register the organization admin
+  ibm.blockchain_platform.registered_identity:
+    state: "{{ state }}"
+    api_endpoint: "{{ api_endpoint }}"
+    api_authtype: "{{ api_authtype }}"
+    api_key: "{{ api_key }}"
+    api_secret: "{{ api_secret | default(omit) }}"
+    api_token_endpoint: "{{ api_token_endpoint | default(omit) }}"
+    certificate_authority: "{{ ca_name }}"
+    registrar: "{{ playbook_dir }}/{{ ca_name }} Admin.json"
+    enrollment_id: "{{ organization_admin_enrollment_id }}"
+    enrollment_secret: "{{ organization_admin_enrollment_secret }}"
+    max_enrollments: -1
+    type: admin
+
+- name: Register the peer
+  ibm.blockchain_platform.registered_identity:
+    state: "{{ state }}"
+    api_endpoint: "{{ api_endpoint }}"
+    api_authtype: "{{ api_authtype }}"
+    api_key: "{{ api_key }}"
+    api_secret: "{{ api_secret | default(omit) }}"
+    api_token_endpoint: "{{ api_token_endpoint | default(omit) }}"
+    certificate_authority: "{{ ca_name }}"
+    registrar: "{{ playbook_dir }}/{{ ca_name }} Admin.json"
+    enrollment_id: "{{ peer_enrollment_id }}"
+    enrollment_secret: "{{ peer_enrollment_secret }}"
+    max_enrollments: -1
+    type: peer
+
 - name: Enroll the organization admin
   ibm.blockchain_platform.enrolled_identity:
     state: "{{ state }}"
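Review bot: The peer identity was previously seeded into both the `ca` and `tlsca` registries (the entries removed in the two hunks above), but the added `Register the peer` task names only `certificate_authority: "{{ ca_name }}"`, and nothing in this hunk registers the peer with the TLS CA. Whether `registered_identity` also covers the TLS CA is not visible from this diff; if it does not, a later TLS enrollment for the peer would presumably be rejected. Confirm the module's behaviour and add a comment above the task stating which CA registry it writes to and where the TLS CA registration now happens. The same question applies to `Register the ordering service` in roles/ordering_organization/tasks/create.yml.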
diff --git a/roles/ordering_organization/tasks/create.yml b/roles/ordering_organization/tasks/create.yml
index ecae836f..c688b5fc 100644
--- a/roles/ordering_organization/tasks/create.yml
+++ b/roles/ordering_organization/tasks/create.yml
@@ -28,14 +28,6 @@
                 hf.GenCRL: true
                 hf.Registrar.Attributes: "*"
                 hf.AffiliationMgr: true
-            - name: "{{ organization_admin_enrollment_id }}"
-              pass: "{{ organization_admin_enrollment_secret }}"
-              type: admin
-              maxenrollments: -1
-            - name: "{{ ordering_service_enrollment_id }}"
-              pass: "{{ ordering_service_enrollment_secret }}"
-              type: orderer
-              maxenrollments: -1
       tlsca:
         registry:
           maxenrollments: -1
@@ -52,10 +44,6 @@
                 hf.GenCRL: true
                 hf.Registrar.Attributes: "*"
                 hf.AffiliationMgr: true
-            - name: "{{ ordering_service_enrollment_id }}"
-              pass: "{{ ordering_service_enrollment_secret }}"
-              type: orderer
-              maxenrollments: -1
     resources: "{{ ca_resources | default(omit) }}"
     storage: "{{ ca_storage | default(omit) }}"
     wait_timeout: "{{ wait_timeout | default(omit) }}"
@@ -74,6 +62,36 @@
     enrollment_secret: "{{ ca_admin_enrollment_secret }}"
     path: "{{ playbook_dir }}/{{ ca_name }} Admin.json"
 
+- name: Register the organization admin
+  ibm.blockchain_platform.registered_identity:
+    state: "{{ state }}"
+    api_endpoint: "{{ api_endpoint }}"
+    api_authtype: "{{ api_authtype }}"
+    api_key: "{{ api_key }}"
+    api_secret: "{{ api_secret | default(omit) }}"
+    api_token_endpoint: "{{ api_token_endpoint | default(omit) }}"
+    certificate_authority: "{{ ca_name }}"
+    registrar: "{{ playbook_dir }}/{{ ca_name }} Admin.json"
+    enrollment_id: "{{ organization_admin_enrollment_id }}"
+    enrollment_secret: "{{ organization_admin_enrollment_secret }}"
+    max_enrollments: -1
+    type: admin
+
+- name: Register the ordering service
+  ibm.blockchain_platform.registered_identity:
+    state: "{{ state }}"
+    api_endpoint: "{{ api_endpoint }}"
+    api_authtype: "{{ api_authtype }}"
+    api_key: "{{ api_key }}"
+    api_secret: "{{ api_secret | default(omit) }}"
+    api_token_endpoint: "{{ api_token_endpoint | default(omit) }}"
+    certificate_authority: "{{ ca_name }}"
+    registrar: "{{ playbook_dir }}/{{ ca_name }} Admin.json"
+    enrollment_id: "{{ ordering_service_enrollment_id }}"
+    enrollment_secret: "{{ ordering_service_enrollment_secret }}"
+    max_enrollments: -1
+    type: orderer
+
 - name: Enroll the organization admin
   ibm.blockchain_platform.enrolled_identity:
     state: "{{ state }}"
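Review bot: Both added registration tasks pass `enrollment_secret` alongside `api_key` and `api_secret`, and neither sets `no_log: true`, so verbose runs or callback logs may expose these values unless the module masks them itself, which this diff does not show. With `max_enrollments: -1` the enrollment secret stays valid as a credential indefinitely, so a leaked secret can be used to obtain fresh certificates for the admin or orderer identity at any later time. Consider adding `no_log: true` to each registration task, and a comment on `max_enrollments: -1` explaining why unlimited enrollment is required. The two registration tasks added to roles/endorsing_organization/tasks/create.yml have the same shape.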